Description
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPS Child Theme Generator Directory Traversal (1.1)
MySQL CVE-2013-0383 Vulnerability (CVE-2013-0383)
Tornado Uncontrolled Resource Consumption Vulnerability (CVE-2025-67725)
PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-31628)
WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more SQL Injection (3.3)